SPAM Alert - (Hell Pizza compromised?)

Forums › Off topic › SPAM Alert - (Hell Pizza compromised?)

dontpanic42

1574 posts

Uber Geek
+1 received by user: 11

#38635 3-Aug-2009 00:49

Has anyone else received the below email? I am pretty sure it is a fake/scam/spam/phishing email. Can anyone else confirm? It sounds pretty dodge to me!

NOTE: I wouldn't recommend clicking on the links below.

Subject Line: New PDF Reader For Windows

PDF Reader 2009 - New Version for Windows and Mac
The latest PDF Reader: Open, Edit & Create PDF Files

http://www.adobe-pdf-2009.net/index.php?=pdf_gmd2&kbid=1581⊂=pdf_gmd2

Included in this package:

OpenOffice Suite - Get things done more quickly and improve your work efficiency.

-Open, edit and view all PDF files.
-Enhanced performance with faster loading and zooming.
-Collect your data and combine it into a high quality document.

http://www.adobe-pdf-2009.net/index.php?=pdf_gmd2&kbid=1581⊂=pdf_gmd2

Download the complete Office solution today and also receive free updates and 24/7 customer support.

"Since the 90's, PDF has become the standard file format for document exchange." - Adobe

http://www.adobe-pdf-2009.net/index.php?=pdf_gmd2&kbid=1581⊂=pdf_gmd2

Thank you for choosing us, the worldwide leader in PDF Reader Solutions.

Best Regards,

Adam Norman
PDF Reader 2009

Adv Media Ltd | 2390 Avenue | New York | 10023 | USA

{MOD EDIT : SP : Removed links}

1 | 2 | 3 | 4 | 5 | 6

188 posts

Master Geek
+1 received by user: 3

#241658 3-Aug-2009 01:45

I have recieved that email 3 times tonight. The image below is what you get to when you click on the link.
Trying to get you to pay for something.

scottjpalmer

6032 posts

Uber Geek
+1 received by user: 790

Moderator

ID Verified

Trusted

Lifetime subscriber

#241659 3-Aug-2009 01:47

Yeah I have received it multiple times too

Frieda51

2 posts

Wannabe Geek

#241665 3-Aug-2009 06:54

I just got that e-mail, googled it and found this: http://spam-and-phishing.blogspot.com/2008/11/new-pdf-reader-2009.html which says it's spyware. This article tells you how to remove it.

Bee

741 posts

Ultimate Geek
+1 received by user: 189

#241779 3-Aug-2009 13:12

Interesting...
I got it 3 times last night too... how did it get our email addresses? what have we all signed up for that has sold/leaked our email address???

Doing your best is much more important than being the best.

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#241781 3-Aug-2009 13:17

Bee: Interesting...
I got it 3 times last night too... how did it get our email addresses? what have we all signed up for that has sold/leaked our email address???

This makes no difference. Spammers will use a huge number of different sources for their databases. Computers infected with trojans will report any email address from sent/received emails, bots will scrape webpages for email addresses, brute force will just send emails to common names in all domains known...

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

ukoda

56 posts

Master Geek
+1 received by user: 48

#241800 3-Aug-2009 14:20

Bee: Interesting...
I got it 3 times last night too... how did it get our email addresses? what have we all signed up for that has sold/leaked our email address???

I received it using the email address I signed up to with Hell Pizza. The email address was hell@mydomain so it is possible that they just created the email address but I think it more like Hell Pizza, or their site operator either sold it or were compromised.

I have had this kind of problem with the House of Travel too and they, off course, denied any fault and tried to blame me by suggesting I had used the email address somewhere public. The catch with that theory is it was a unique email address just for them. One suggestion I had heard was that cross site scripting could be the cause of such email adress leakage. I'm not sure how likely that is?

Mighty Ape

Shop now at Mighty Ape (affiliate link).

dontpanic42

1574 posts

Uber Geek
+1 received by user: 11

#241817 3-Aug-2009 15:11

ukoda:
Bee: Interesting...
I got it 3 times last night too... how did it get our email addresses? what have we all signed up for that has sold/leaked our email address???

I received it using the email address I signed up to with Hell Pizza. The email address was hell@mydomain so it is possible that they just created the email address but I think it more like Hell Pizza, or their site operator either sold it or were compromised.

I have had this kind of problem with the House of Travel too and they, off course, denied any fault and tried to blame me by suggesting I had used the email address somewhere public. The catch with that theory is it was a unique email address just for them. One suggestion I had heard was that cross site scripting could be the cause of such email adress leakage. I'm not sure how likely that is?

Nice to know it wasn't just me.

Ahhhhh... that's interesting. I too have used this email address to sign up to Hell Pizza. Can anyone else confirm that they have used their receiving email address for Hell Pizza?

freitasm

BDFL - Memuneh
80646 posts

Uber Geek
+1 received by user: 41030

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#241822 3-Aug-2009 15:21

dontpanic42: Ahhhhh... that's interesting. I too have used this email address to sign up to Hell Pizza. Can anyone else confirm that they have used their receiving email address for Hell Pizza?

Not here.

Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

wazzageek

1095 posts

Uber Geek
+1 received by user: 108

ID Verified

Trusted

Lifetime subscriber

#241823 3-Aug-2009 15:26

Oddly enough, I'm getting this spam on the email address that ONLY hell pizza (and my email provider) know. I wasn't going to make this public, but others already have.

I've tried an email to Hell pizza via the Contact Us button ... I plan to snail mail their head office, as this is not the first bit of spam originating with this email address.

UPDATE: Please note I'm not pinning the blame solely on Hell Pizza here ... I'm just a little miffed that the contact us page didn't elicit a response yet ... (been a week now...)

whereisglenn

27 posts

Geek

#241977 3-Aug-2009 19:58

I am posting this on behalf of Hell Pizza. I would like to advise that we don't sell email addresses (very bad), nor have we been hacked (our web servers are behind dedicated, monitored firewalls). We use software from interspire and I'm not aware of any security vunerabilities in the latest version we have installed.

I'm more enclined to believe that this is the result of brute force attacks - unfortunately for us, "hell" is not the most advantageous/desirable word to be using in email correspondence or email addresses.

dan

1134 posts

Uber Geek
+1 received by user: 105

Lifetime subscriber

#242015 3-Aug-2009 21:05

also got that email to a non public email address, and use that address for Hell Pizza

likely just coincidence..

Geekzone support

Support Geekzone with one-off or recurring donations Donate via PressPatron.

aikendrum

2 posts

Wannabe Geek

#242789 5-Aug-2009 03:46

whereisglenn: I am posting this on behalf of Hell Pizza. I would like to advise that we don't sell email addresses (very bad), nor have we been hacked (our web servers are behind dedicated, monitored firewalls). We use software from interspire and I'm not aware of any security vunerabilities in the latest version we have installed.

I'm more enclined to believe that this is the result of brute force attacks - unfortunately for us, "hell" is not the most advantageous/desirable word to be using in email correspondence or email addresses.

I can confirm that I have also received this email at an email address unique to Hell Pizza.
If it was random, I would have received more than one email as emails to <anything>@<mydomainname>.com get to me.
Your database of email addresses has been been compromised. I would suggest it is investigated again.

RockResearch

152 posts

Master Geek

Trusted

#242801 5-Aug-2009 07:16

I got the email and also use the address for Hell Pizza (not just Hell Pizza though).

Rock Research - NZ's online marketing research experts. We like to blog too.

rscole86

4999 posts

Uber Geek
+1 received by user: 462

Moderator

Trusted

Lifetime subscriber

#242810 5-Aug-2009 08:04

Neither of the two email address' I have registered with hell have gotten this spam. Another has, which I know for a fact has not been used for/with/by hell.

ukoda

56 posts

Master Geek
+1 received by user: 48

#242821 5-Aug-2009 08:36

aikendrum:
whereisglenn: ... nor have we been hacked ...

I can confirm that I have also received this email at an email address unique to Hell Pizza.
If it was random, I would have received more than one email as emails to @.com get to me.
Your database of email addresses has been been compromised. I would suggest it is investigated again.

My frustration with this, and similar cases I have dealt with, is when the issue is raised they deny the possibility they have been compromised and instead try to blame me. Unlike them I am not stupid engough to believe that I couldn't be compromised even if I mostly use Linux. Thinking about it I can only see these possibilities:

1. The email address was used elsewhere. Clearly this is not the case here as several posters, like me, gave Hell Pizza a unique email address.
2. My machine was compromised and the email address was scraped from my email client. I think this unlikely as I can't think of any address book etc where their email address would be kept and if there was then I should also be spam from all the other unique email addresses I have created.
3. It was gathered by cross site scripting. To be honest I don't understand the details but I gather that after using a web form to submit my email address at Hell's website I then visit a bad site and they too gather the same info. I have not seen any realistic advise on how to avoid this problem. Advise of not visiting bad site is like not getting a flat tyre on your car, you can reduce the risk but it will still happen. Any practical suggestions that don't compromise general usability? Regardless I don't think this is the case here as for the same reason as the above point i.e. it's not happening with other unique addresses.
4. The email address was created at random. Given hell is only four character I was prepared to concede this as a posisibility but I still think this is a slim chance as I'm not seeing a wide range addresses. If I see the same non-user email address spammed more than once I add it to the email server bounce list. So far there would only be about 30 addresses in that list and it has been surprisingly effect at blocking spam. Of that list 2/3rds are weird addresses I never used. What I am not seeing is regular different one time email addresses used to spam me. I now feel this is very unlikely to be the cause this time.
5. Hell Pizza sold the email address. Here I believe whereisglenn as I doubt they would be so stupid.
6. A PC with access to the email database has been compromised. I think this is the most likely case and don't see how whereisglenn can say "nor have we been hacked". Hackers prefer to keep a low profile so how would they know? Firewalls only stop malware being pushed to machines, they do nothing to stop luser from accidentaly pulling malware to their local PC. Can Hell Pizza honestly say that they don't have a staff member with low or modest computer skills that is using IE on a machine which does not have updates turned on? Maybe a laptop brought in from home?

It is this last case that annoys me because of the denial and refusal to sort the problem. Pity we don't have effective laws or procedures to deal with these people. In one case I was under attack from an Internet cafe where the operator told me they couldn't fix the problem since the machines were used but the public and therefore could not be secured. He had a change of heart when I offered to remotely fix the problem for him by formatting his hard drives using the same security hole he was refusing to fix.

1 | 2 | 3 | 4 | 5 | 6